Contents
UMTS Security objectives
Problems with GSM security
UMTS security mechanisms
UMTS and GSM security interoperation
Summary
Mutual Authentication
Data Integrity
The mobile user and the serving network authenticate each other
Security is based within the RNC rather than the base station
Secure Services
Fraud Detection
Secure Applications
The user and the mobile station share a secret key, PIN
Flexibility
The user and the network negotiate and agree on cipher and integrity
algorithms. At least one encryption algorithm is exported on a world-wide
basis (KASUMI)
Lawful Interception
GSM Compatibility
Termination points
Applied to
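[Figure: authentication and key agreement. Network side: Generate SQN and Generate RAND feed f1 to f5, which output MAC, XRES, CK, IK and AK; the labels SQN ⊕ AK, AMF and MAC appear together. User side: f5 yields AK and SQN; f1 to f4 yield XMAC, RES, CK and IK; the user then verifies MAC = XMAC and verifies that SQN is in the correct range. Message flow: AV to the Serving Network; RAND, AUTH to the user; RES back.]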
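The verification steps in the diagram above (Verify MAC = XMAC, verify that SQN is in the correct range), as an added Python example that is not part of the original slides. HMAC-SHA256 stands in for f1 to f5, and the field lengths, the AMF value, the key and the SQN window policy are assumptions chosen for illustration.

```python
import hashlib, hmac, os

def prf(k, tag, *parts, n=16):
    # Stand-in for f1..f5: truncated HMAC-SHA256 (assumption, not the 3GPP functions)
    return hmac.new(k, tag + b"".join(parts), hashlib.sha256).digest()[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def generate_av(k, sqn, amf=b"\x80\x00"):
    """Network side: generate RAND, derive MAC, XRES, CK, IK, AK, build AUTH."""
    rand, sqn_b = os.urandom(16), sqn.to_bytes(6, "big")
    mac = prf(k, b"f1", sqn_b, rand, amf, n=8)
    xres, ak = prf(k, b"f2", rand, n=8), prf(k, b"f5", rand, n=6)
    ck, ik = prf(k, b"f3", rand), prf(k, b"f4", rand)
    auth = xor(sqn_b, ak) + amf + mac   # (SQN xor AK) || AMF || MAC
    return rand, auth, xres, ck, ik

class Usim:
    def __init__(self, k, window=32):   # window: hypothetical "correct range" policy
        self.k, self.sqn_ms, self.window = k, 0, window

    def authenticate(self, rand, auth):
        """User side: check the network before answering the challenge."""
        ak = prf(self.k, b"f5", rand, n=6)
        sqn_b, amf, mac = xor(auth[:6], ak), auth[6:8], auth[8:16]
        xmac = prf(self.k, b"f1", sqn_b, rand, amf, n=8)
        if not hmac.compare_digest(mac, xmac):        # Verify MAC = XMAC
            return ("reject", "MAC != XMAC")
        sqn = int.from_bytes(sqn_b, "big")
        if not self.sqn_ms < sqn <= self.sqn_ms + self.window:
            return ("reject", "SQN out of range")     # replayed or stale vector
        self.sqn_ms = sqn
        return ("ok", prf(self.k, b"f2", rand, n=8),  # RES, CK, IK
                prf(self.k, b"f3", rand), prf(self.k, b"f4", rand))

def demo():
    k = bytes(range(16))                              # constructed shared key K
    usim = Usim(k)
    rand, auth, xres, ck, ik = generate_av(k, sqn=1)
    first = usim.authenticate(rand, auth)
    replay = usim.authenticate(rand, auth)            # same (RAND, AUTH) again
    r2, a2, *_ = generate_av(b"\x00" * 16, sqn=2)     # sender that lacks K
    forged = usim.authenticate(r2, a2)
    return first == ("ok", xres, ck, ik), replay, forged

if __name__ == "__main__":
    print(demo())
```

The first challenge is accepted and yields a RES equal to the network's XRES; the replayed challenge fails the SQN check, and the challenge built without the shared key fails the MAC check.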
Encryption
Signalling and user data are protected from eavesdropping. A secret-key
block cipher algorithm (KASUMI) with a 128-bit cipher key is used.
At the mobile station and RNC (radio network controller)
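[Figure: f8 keystream generation. At both the sender (UE or RNC) and the receiver (RNC or UE), f8 takes COUNT-C, BEARER, DIRECTION, LENGTH and CK and outputs a KEYSTREAM BLOCK; the sender combines it with the PLAINTEXT BLOCK to give the CIPHERTEXT BLOCK, and the receiver recovers the PLAINTEXT BLOCK.]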
Integrity Check
Integrity and authentication of origin of signalling data are provided.
The integrity algorithm (KASUMI) uses a 128-bit key and
generates a 64-bit message authentication code.
[Figure: f9 integrity check. The sender (UE or RNC) feeds COUNT-I, MESSAGE, DIRECTION, FRESH and IK into f9 to produce MAC-I; the receiver (RNC or UE) feeds the same inputs into f9 to produce XMAC-I.]
KASUMI
Interoperation between
UMTS and GSM
IPSEC
Spoofing
One machine masquerades as another
Sniffing
Eavesdropping between two or more parties
Session hijacking
Using the above techniques, one user could take over an established connection
(man-in-the-middle attack)
Lawful Interception
[Figure: lawful interception architecture. Labels: 3G MS; LEA; Intercept Request; Administration Function; 3G MS node; Network Related Data; Mobile Target; Delivery Function; IRI; CC; Technical Interception Handover Interface.]
CC = Content of Communication
IA = Interception Area
IRI = Intercept Related Information
All that can happen to a fixed host attached to the Internet could
happen to a 3G terminal
The IMSI is sent in cleartext when the user is registering for the first time in
the serving network (a trusted third party can be a solution)
A user can be enticed to camp on a false BS. Once the user camps on
the radio channels of a false BS, the user is out of reach of the paging
signals of the SN
Hijacking outgoing/incoming calls in networks with disabled encryption
is possible. The intruder poses as a man-in-the-middle and drops the
user once the call is set-up
Summary